专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20080232595A1 Vehicle Segment Certificate Management Using Short-Lived, Unlinked Certificate Schemes 有权
标题翻译：使用短期，未连接证书方案的车辆段证书管理
公开(公告)号：US20080232595A1
公开(公告)日：2008-09-25
申请号：US12051309
申请日：2008-03-19
申请人： Stanley Pietrowicz , Giovanni Di Crescenzo , Tao Zhang , Robert G. White
发明人： Stanley Pietrowicz , Giovanni Di Crescenzo , Tao Zhang , Robert G. White
IPC分类号： H04L9/14
CPC分类号： G06Q20/3829 , H04L9/002 , H04L9/3268 , H04L9/3297 , H04L63/062 , H04L63/068 , H04L63/0823 , H04L2209/42 , H04L2209/56 , H04L2209/84
摘要： The present invention advantageously provides a system and method for management of cryptographic keys and certificates for a plurality of vehicles. Each vehicle of the plurality of vehicles generates public/private key pairs, requests multiple time-distributed certificates, creates an encrypted identity, and surrenders expired certificates. An assigning authority receives the public/private key pairs, the request for multiple time-distributed certificates, the encrypted identity, and the expired certificates from said vehicle. The assigning authority authorizes the vehicle with an authorizing authority, validates the expired certificates, proves ownership, and distributes the requested time-distributed certificates to said vehicle. Validation can comprise checking expired certificates against misused, compromised and/or previously surrendered certificates. Time-distributed certificates can have lifetimes adjustable based on certificate misuse detection system algorithms, amount of malicious activity detected, and/or certificate authority capacity.
摘要翻译：本发明有利地提供了一种用于管理多个车辆的密码密钥和证书的系统和方法。多个车辆中的每个车辆产生公共/私人密钥对，请求多个时间分布证书，创建加密身份，并交出过期证书。分配机构从所述车辆接收公钥/私钥对，多个时间分布证书的请求，加密的身份和过期的证书。分配机构授权车辆授权，验证过期的证书，证明所有权，并将所要求的分发时间的证书分发给所述车辆。验证可以包括检查过期的证书，以防被滥用，受到损害和/或以前交出的证书。基于证书滥用检测系统算法，检测到的恶意活动量和/或证书颁发机构容量，分布式证书的生命周期可以调整。

2. 发明授权

US08363832B2 Vehicle segment certificate management using shared certificate schemes 有权
标题翻译：使用共享证书方案的车辆段证书管理
公开(公告)号：US08363832B2
公开(公告)日：2013-01-29
申请号：US12051241
申请日：2008-03-19
申请人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
发明人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
IPC分类号： H04L29/06
CPC分类号： H04L9/006 , H04L9/002 , H04L9/08 , H04L9/0872 , H04L9/0891 , H04L2209/42 , H04L2209/84 , H04W4/046 , H04W12/04 , H04W12/12
摘要： The present invention advantageously provides techniques to solve problems with combinatorial anonymous certificate management by addressing critical issues concerning its feasibility, scalability, and performance. Methods and procedures to manage IEEE 1609.2 anonymous and identifying cryptographic keys and certificates in the Vehicle Infrastructure Integration (VII) system are presented, along with methods for management of identifying and anonymous certificates in a partitioned Certificate Authority architecture designed to enhance vehicle privacy. Novel methods for vehicles to dynamically change an anonymous certificate for use while maintaining vehicle privacy are given. Refinements to basic combinatorial schemes are presented including probabilistic key replacement, rekey counter decrement, dynamic rekey threshold, geographic attack isolation and proofs of geographic position.
摘要翻译：本发明有利地提供了通过解决关于其可行性，可扩展性和性能的关键问题来解决组合匿名证书管理问题的技术。介绍了管理IEEE 1609.2匿名和识别车辆基础设施集成（VII）系统中的加密密钥和证书的方法和步骤，以及用于管理用于增强车辆隐私的分区证书颁发机构架构中的识别和匿名证书的方法。给出了车辆在维护车辆隐私时动态更改匿名证书以供使用的新方法。提出了基本组合方案的改进，包括概率密钥替换，重新计数器递减，动态密钥阈值，地理攻击隔离和地理位置证明。

3. 发明授权

US08171283B2 Vehicle segment certificate management using short-lived, unlinked certificate schemes 有权
标题翻译：使用短期，无关联证书方案的车辆段证书管理
公开(公告)号：US08171283B2
公开(公告)日：2012-05-01
申请号：US12051309
申请日：2008-03-19
申请人： Stanley Pietrowicz , Giovanni Di Crescenzo , Robert G. White , Tao Zhang
发明人： Stanley Pietrowicz , Giovanni Di Crescenzo , Robert G. White , Tao Zhang
IPC分类号： H04L29/06
CPC分类号： G06Q20/3829 , H04L9/002 , H04L9/3268 , H04L9/3297 , H04L63/062 , H04L63/068 , H04L63/0823 , H04L2209/42 , H04L2209/56 , H04L2209/84
摘要： The present invention advantageously provides a system and method for management of cryptographic keys and certificates for a plurality of vehicles. Each vehicle of the plurality of vehicles generates public/private key pairs, requests multiple time-distributed certificates, creates an encrypted identity, and surrenders expired certificates. An assigning authority receives the public/private key pairs, the request for multiple time-distributed certificates, the encrypted identity, and the expired certificates from said vehicle. The assigning authority authorizes the vehicle with an authorizing authority, validates the expired certificates, proves ownership, and distributes the requested time-distributed certificates to said vehicle. Validation can comprise checking expired certificates against misused, compromised and/or previously surrendered certificates. Time-distributed certificates can have lifetimes adjustable based on certificate misuse detection system algorithms, amount of malicious activity detected, and/or certificate authority capacity.
摘要翻译：本发明有利地提供了一种用于管理多个车辆的密码密钥和证书的系统和方法。多个车辆中的每个车辆产生公共/私人密钥对，请求多个时间分布证书，创建加密身份，并交出过期证书。分配机构从所述车辆接收公钥/私钥对，多个时间分布证书的请求，加密的身份和过期的证书。分配机构授权车辆授权，验证过期的证书，证明所有权，并将所要求的分发时间的证书分发给所述车辆。验证可以包括检查过期的证书，以防被滥用，受到损害和/或以前交出的证书。基于证书滥用检测系统算法，检测到的恶意活动量和/或证书颁发机构容量，分布式证书的生命周期可以调整。

4. 发明授权

US08635681B2 Method and system to authorize and assign digital certificates without loss of privacy, and/or to enhance privacy key selection 有权
标题翻译：方法和系统授权和分配数字证书而不会失去隐私，和/或加强隐私密钥选择
公开(公告)号：US08635681B2
公开(公告)日：2014-01-21
申请号：US12012454
申请日：2008-02-01
申请人： Tao Zhang , Eric Van Den Berg , Andrew Burnette , Giovanni Di Crescenzo , Richard Ferrer , Stanley Pietrowicz , Robert G. White
发明人： Tao Zhang , Eric Van Den Berg , Andrew Burnette , Giovanni Di Crescenzo , Richard Ferrer , Stanley Pietrowicz , Robert G. White
IPC分类号： H04L9/32 , H04K1/00
CPC分类号： H04L63/0823 , H04L63/20 , H04L2209/42 , H04L2209/84
摘要： A method and system for public key infrastructure key and certificate management provides anonymity to certificate holders and protects the privacy of certificate holders from the compromise of a certificate authority. Functional separation is provided in the authorization of a certificate request and the assignment of certificates and key pairs. The authorizing certificate authority approves or denies each certificate request from a requestor whose identity is not made available to the assigning certificate authority. The assigning certificate authority, upon approval from the authorizing certificate authority, issues one or more certificates and optionally generates and provides the associated key pairs to the requester without disclosing these certificates and key pairs to the authorizing certificate authority. In another aspect, a distributed method is disclosed that allows individual nodes and/or units in a network to select certificates for broadcasting messages to a community of interest with a non-unique key.
摘要翻译：公共密钥基础设施密钥和证书管理的方法和系统为证书持有人提供匿名性，并保护证书持有者的隐私免受认证机构的损害。功能分离在证书请求的授权和证书和密钥对的分配中提供。授权证书颁发机构批准或拒绝来自请求者的每个证书请求，该请求者的身份不可用于分配证书颁发机构。分配证书颁发机构经授权认证机构批准后，会发出一个或多个证书，并可选择地生成并将相关的密钥对提供给请求者，而不向授权认证机构披露这些证书和密钥对。在另一方面，公开了一种分布式方法，其允许网络中的各个节点和/或单元使用非唯一密钥来选择用于向感兴趣的社区广播消息的证书。

5. 发明申请

US20080232583A1 Vehicle Segment Certificate Management Using Shared Certificate Schemes 有权
标题翻译：使用共享证书方案的车辆段证书管理
公开(公告)号：US20080232583A1
公开(公告)日：2008-09-25
申请号：US12051241
申请日：2008-03-19
申请人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
发明人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
IPC分类号： H04L9/06
CPC分类号： H04L9/006 , H04L9/002 , H04L9/08 , H04L9/0872 , H04L9/0891 , H04L2209/42 , H04L2209/84 , H04W4/046 , H04W12/04 , H04W12/12
摘要： The present invention advantageously provides techniques to solve problems with combinatorial anonymous certificate management by addressing critical issues concerning its feasibility, scalability, and performance. Methods and procedures to manage IEEE 1609.2 anonymous and identifying cryptographic keys and certificates in the Vehicle Infrastructure Integration (VII) system are presented, along with methods for management of identifying and anonymous certificates in a partitioned Certificate Authority architecture designed to enhance vehicle privacy. Novel methods for vehicles to dynamically change an anonymous certificate for use while maintaining vehicle privacy are given. Refinements to basic combinatorial schemes are presented including probabilistic key replacement, rekey counter decrement, dynamic rekey threshold, geographic attack isolation and proofs of geographic position.
摘要翻译：本发明有利地提供了通过解决关于其可行性，可扩展性和性能的关键问题来解决组合匿名证书管理问题的技术。介绍了管理IEEE 1609.2匿名和识别车辆基础设施集成（VII）系统中的加密密钥和证书的方法和步骤，以及用于管理用于增强车辆隐私的分区证书颁发机构架构中的识别和匿名证书的方法。给出了车辆在维护车辆隐私时动态更改匿名证书以供使用的新方法。提出了基本组合方案的改进，包括概率密钥替换，重新计数器递减，动态密钥阈值，地理攻击隔离和地理位置证明。

6. 发明申请

US20100031025A1 Method and system to authorize and assign digital certificates without loss of privacy, and/or to enhance privacy key selection 有权
标题翻译：方法和系统授权和分配数字证书而不会失去隐私，和/或加强隐私密钥选择
公开(公告)号：US20100031025A1
公开(公告)日：2010-02-04
申请号：US12012454
申请日：2008-02-01
申请人： Tao Zhang , Eric Van Den Berg , Andrew Burnette , Giovanni Di Crescenzo , Richard Ferrer , Stanley Pietrowicz , Robert G. White
发明人： Tao Zhang , Eric Van Den Berg , Andrew Burnette , Giovanni Di Crescenzo , Richard Ferrer , Stanley Pietrowicz , Robert G. White
IPC分类号： H04L9/00
CPC分类号： H04L63/0823 , H04L63/20 , H04L2209/42 , H04L2209/84
摘要： A method and system for public key infrastructure key and certificate management provides anonymity to certificate holders and protects the privacy of certificate holders from the compromise of a certificate authority. Functional separation is provided in the authorization of a certificate request and the assignment of certificates and key pairs. The authorizing certificate authority approves or denies each certificate request from a requestor whose identity is not made available to the assigning certificate authority. The assigning certificate authority, upon approval from the authorizing certificate authority, issues one or more certificates and optionally generates and provides the associated key pairs to the requester without disclosing these certificates and key pairs to the authorizing certificate authority. In another aspect, a distributed method is disclosed that allows individual nodes and/or units in a network to select certificates for broadcasting messages to a community of interest with a non-unique key.
摘要翻译：公共密钥基础设施密钥和证书管理的方法和系统为证书持有人提供匿名性，并保护证书持有者的隐私免受认证机构的损害。功能分离在证书请求的授权和证书和密钥对的分配中提供。授权证书颁发机构批准或拒绝来自请求者的每个证书请求，该请求者的身份不可用于分配证书颁发机构。分配证书颁发机构经授权认证机构批准后，会发出一个或多个证书，并可选择地生成并将相关的密钥对提供给请求者，而不向授权认证机构披露这些证书和密钥对。在另一方面，公开了一种分布式方法，其允许网络中的各个节点和/或单元使用非唯一密钥来选择用于向感兴趣的社区广播消息的证书。

7. 发明授权

US09094206B2 Method and system for secure session establishment using identity-based encryption (VDTLS) 有权
标题翻译：使用基于身份的加密（VDTLS）进行安全会话建立的方法和系统
公开(公告)号：US09094206B2
公开(公告)日：2015-07-28
申请号：US12259054
申请日：2008-10-27
申请人： Giovanni Di Crescenzo , Stanley Pietrowicz , Hyong Sop Shim , Tao Zhang
发明人： Giovanni Di Crescenzo , Stanley Pietrowicz , Hyong Sop Shim , Tao Zhang
IPC分类号： G06F15/16 , H04L9/32 , H04L29/06 , H04L9/30
CPC分类号： H04L9/32 , H04L9/3073 , H04L9/3263 , H04L9/3273 , H04L63/06 , H04L63/0869 , H04L63/0876 , H04L63/164 , H04L69/16 , H04L69/164 , H04L2209/84 , H04W12/06
摘要： The inventive system for providing strong security for UDP communications in networks comprises a server, a client, and a secure communication protocol wherein authentication of client and server, either unilaterally or mutually, is performed using identity based encryption, the secure communication protocol preserves privacy of the client, achieves significant bandwidth savings, and eliminates overheads associated with certificate management. VDTLS also enables session mobility across multiple IP domains through its session resumption capability.
摘要翻译：用于为网络中的UDP通信提供强大安全性的本发明的系统包括服务器，客户端和安全通信协议，其中使用基于身份的加密来执行单方面或相互的客户端和服务器的认证，所述安全通信协议保持客户端可以实现显着的带宽节省，并消除与证书管理相关的开销。 VDTLS还通过其会话恢复功能实现跨多个IP域的会话移动性。

8. 发明申请

US20100031042A1 Method and System for Secure Session Establishment Using Identity-Based Encryption (VDTLS) 有权
标题翻译：使用基于身份的加密（VDTLS）进行安全会话建立的方法和系统
公开(公告)号：US20100031042A1
公开(公告)日：2010-02-04
申请号：US12259054
申请日：2008-10-27
申请人： Giovanni Di Crescenzo , Stanley Pietrowicz , Hyong Sop Shim , Tao Zhang
发明人： Giovanni Di Crescenzo , Stanley Pietrowicz , Hyong Sop Shim , Tao Zhang
IPC分类号： H04L9/32 , H04L29/06 , H04L9/28
CPC分类号： H04L9/32 , H04L9/3073 , H04L9/3263 , H04L9/3273 , H04L63/06 , H04L63/0869 , H04L63/0876 , H04L63/164 , H04L69/16 , H04L69/164 , H04L2209/84 , H04W12/06
摘要： The inventive system for providing strong security for UDP communications in networks comprises a server, a client, and a secure communication protocol wherein authentication of client and server, either unilaterally or mutually, is performed using identity based encryption, the secure communication protocol preserves privacy of the client, achieves significant bandwidth savings, and eliminates overheads associated with certificate management. VDTLS also enables session mobility across multiple IP domains through its session resumption capability.
摘要翻译：用于为网络中的UDP通信提供强大安全性的本发明的系统包括服务器，客户端和安全通信协议，其中使用基于身份的加密来执行单方面或相互的客户端和服务器的认证，所述安全通信协议保持客户端可实现显着的带宽节省，并消除与证书管理相关的开销。 VDTLS还通过其会话恢复功能实现跨多个IP域的会话移动性。

9. 发明授权

US08767965B2 Method for a public-key infrastructure providing communication integrity and anonymity while detecting malicious communication 有权
标题翻译：在检测恶意通信时提供通信完整性和匿名性的公钥基础设施的方法
公开(公告)号：US08767965B2
公开(公告)日：2014-07-01
申请号：US12175807
申请日：2008-07-18
申请人： Giovanni Di Crescenzo , Tao Zhang , Robert G. White
发明人： Giovanni Di Crescenzo , Tao Zhang , Robert G. White
IPC分类号： H04L9/06 , H04L9/08
CPC分类号： H04L9/0891 , G06F2221/0771 , H04L9/002 , H04L9/006 , H04L9/14 , H04L2209/42 , H04L2209/84
摘要： An inventive scheme for detecting parties responsible for repeated malicious activities in secure and anonymous communication is presented. The scheme comprises generating a pool of keys, distributing to and associating with each party a small number of keys chosen randomly from the pool, revoking a key when it is detected as used in a malicious activity, creating a set of parties associated with the revoked key, revoking additional keys randomly chosen among the keys not currently revoked, selecting new keys, and when a party requests an updated key, sending the updated key selected from among the new keys to the requesting party, wherein if an other malicious activity is detected, creating another set of the parties associated with the other malicious activity and identifying the parties in both sets. The steps of the inventive scheme are repeated until only one party is in the intersection set.
摘要翻译：提出了一种用于检测在安全和匿名通信中负责重复恶意活动的各方的创新方案。该方案包括生成一个密钥池，向每一方分配少量从池中随机选择的密钥并将其关联，当被检测为在恶意活动中被使用时撤销密钥，创建一组与被撤销的关联的一方密钥，撤销在当前未被撤销的密钥中随机选择的附加密钥，选择新密钥，以及当一方请求更新密钥时，将从新密钥中选择的更新密钥发送给请求方，其中如果检测到其他恶意活动，创建另一组与其他恶意活动相关联的各方，并确定两方的各方。重复本发明方案的步骤，直到只有一方在交集中。

10. 发明申请

US20090046854A1 Method for a Public-Key Infrastructure Providing Communication Integrity and Anonymity While Detecting Malicious Communication 有权
标题翻译：公共密钥基础设施的方法提供通信完整性和匿名性，同时检测恶意通信
公开(公告)号：US20090046854A1
公开(公告)日：2009-02-19
申请号：US12175807
申请日：2008-07-18
申请人： Giovanni Di Crescenzo , Tao Zhang , Robert G. White
发明人： Giovanni Di Crescenzo , Tao Zhang , Robert G. White
IPC分类号： H04L9/06
CPC分类号： H04L9/0891 , G06F2221/0771 , H04L9/002 , H04L9/006 , H04L9/14 , H04L2209/42 , H04L2209/84
摘要： An inventive scheme for detecting parties responsible for repeated malicious activities in secure and anonymous communication is presented. The scheme comprises generating a pool of keys, distributing to and associating with each party a small number of keys chosen randomly from the pool, revoking a key when it is detected as used in a malicious activity, creating a set of parties associated with the revoked key, revoking additional keys randomly chosen among the keys not currently revoked, selecting new keys, and when a party requests an updated key, sending the updated key selected from among the new keys to the requesting party, wherein if an other malicious activity is detected, creating another set of the parties associated with the other malicious activity and identifying the parties in both sets. The steps of the inventive scheme are repeated until only one party is in the intersection set.
摘要翻译：提出了一种用于检测在安全和匿名通信中负责重复恶意活动的各方的创新方案。该方案包括生成一个密钥池，向每一方分配少量从池中随机选择的密钥并将其关联，当被检测为在恶意活动中被使用时撤销密钥，创建一组与被撤销的关联的一方密钥，撤销在当前未被撤销的密钥中随机选择的附加密钥，选择新密钥，以及当一方请求更新密钥时，将从新密钥中选择的更新密钥发送给请求方，其中如果检测到其他恶意活动，创建另一组与其他恶意活动相关联的各方，并确定两方的各方。重复本发明方案的步骤，直到只有一方在交集中。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式